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What is claimed is: 



CLAIMS 




1, Method for signing an object comprising the steps of: 
iking a snapshot of the object wherein the snapshot represents the object 
at a point of execution; 

associating a signature with said snapshot; 

maintaining said association between said snapshot and said signature. 



2. The mefcod of claim 1 further comprising the steps of: 
verifying said signature; 

constructing a newN^bject using said snapshot, when said signature is 
verified. 

3. The method of claim l\urther comprising the steps of: 
storing said snapshot in anothery)bject; 
storing said signature in said another object. 

4. The method of claim 1 further comj^rising the steps of: 
monitoring the status of said snapshot; 

invalidating said signature when the status of s^ snapshot changes. 

5. The method of claim 1 further comprising the^^tep of creating said 
signature using said snapshot. 



6. The method of claim 5 further comprising the step of associating a 
second signature with said snapshot. 
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7>s. The method of claim 6 further comprising the steps of: 
veriiVing said second signature; 

constriming a new object using said snapshot, when said second signature 
is verified. \ 

8. Methodvfor sealing an object comprising the steps of: 
generating an encryption key; 

taking a snapsho^sof the object, wherein the snapshot represents the 
object at a point of execution; 
generating an encrypteaSsnapshot; 
deleting said snapshot. \ 

9. The method of claim 8 fiMher comprising the step of associating a 
signature with said snapshot. \ 

10. The method of claim 9 further coirorising the steps of: 
verifying said signature; \ 

constructing a new object using said snapshot, when said signature is 
verified. \ 

1 1 . An article of manufacturing comprising: \ 

a computer usable medium having computer readao^^ program code 
embodied therein for signing an object comprising: \ 

computer readable program code configured to cause a cornputer to take 
a snapshot of the object wherein the snapshot represents the object at a point of 
execution; \ 
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\^ computer readable program code configured to cause a computer to 
associate a signature with said snapshot; 

cc^mputer readable program code configured to cause a computer to 
maintain said association between said snapshot and said signature. 



12. The article of manufacture of claim 11 further comprising: 
computer\eadable program code configured to cause a computer to 

verify said signatur^ 

computer reao^ble program code configured to cause a computer to 
construct a new object using said snapshot, when said signature is verified. 

13. The article of nm\ufacture of claim 11 further comprising: 
computer readable program code configured to cause a computer to store 

said snapshot in another object; 

computer readable program c'^de configured to cause a computer to store 
said signature in said another object. 

14. The article of manufacture of cmim 11 further comprising: 
computer readable program code coni^gured to cause a computer to 

monitor the status of said snapshot; 

computer readable program code configur^ to cause a computer to 
invalidate said signature when the status of said snapshot changes. 

15. The article of manufacture of claim 11 further comprising computer 
readable program code configured to cause a computer to create said signature 
using said snapshot. 
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\ 16. The article of manufacture of claim 11 further comprising computer 
readable, program code configured to cause a computer to associate a second 
signature with said snapshot. 



or 



IP 



17. Th^ article of manufacture of claim 16 further comprising: 
computer readable program code configured to cause a computer to 

verify said second simature: 

computer readable program code configured to cause a computer to 
^ construct a new object u$jng said snapshot, when said second signature is 
verified. 

18. An article of manufachiring comprising: 

a computer usable medium Having computer readable program code 
embodied therein for sealing an object comprising: 

computer readable program oode configured to cause a computer 
to generate an encryption key; 

computer readable program code ^nfigured to cause a computer 
to take a snapshot of the object, wherein the snapsijot represents the object at a 
point of executions- 
computer readable program code configu'is^d to cause a computer 
to encrypt said snapshot; 

computer readable program code configured fto cause a computer 
to delete said snapshot. 



19. The article of manufacture of claim 18 further comprising computer 
readable program code configured to cause a computer to decrypt said 
encrypted snapshot. 
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\20. The article of manufacture of claim 18 further comprising computer 
readablVprogram code cor\figured to cause a computer to associate a signature 
with said snapshot. 

21. The article of manufacture of claim 20 further comprising: 
computer reaoable program code configured to cause a computer to 

verify said signature; and 

computer readableNprogram code configured to cause a computer to 
construct a new object using s^id snapshot, when said signature is verified. 

22. A system configured\p sign an object comprising: 

a first module of program coa^ executing on a computer configured to 
take a snapshot of an object wherein me snapshot represents the object at a 
point of execution; \ 

a second module of program code executing on said computer corifigured 
to generate a signature using aid snapshot; \ 

said first module configured to monitor the status of said snapshot, and to 
invalidate said signature when said snapshot is changed. 

23. The system of claim 22 wherein said first anov second modules are 
implemented as a second object. \ 

24. The system of claim 23 wherein said snapshot and\aid signature 
are stored in said second object, said second object limiting access to said 
snapshot through one or more methods of said second object. \ 
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The system of claim 24 wherein said one or more methods of said 
second obj^invalidate said signature when said access modifies said snapshot. 




26. The s)^stem of claim 22 further comprising a sealing module 
comprising: 

a key generation modiBe configured to generate an encryption key; 
an encryption module con^gured to generate an encrypted snapshot 
from said snapshot; 

a deletion module configured to del^ said snapshot. 



27. The system of claim 26 wherein said s^ond object is configured to 
invoke said key generation module, said encryption module and said deletion 
module. 



28. The system of claim 27 wherein said second object is configured to 
verify said signature and construct a new object using said snapshot w4;\en said 
signature is verified. 
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